Update NSS to 3.38

- Added HACL*Poly1305 32-bit (INRIA/Microsoft)
- Updated to final TLS 1.3 draft version (28)
- Removed TLS 1.3 prerelease draft limit check
- Removed NPN code
- Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments
- Fixed several bugs with TLS 1.3 negotiation
- Updated internal certificate store
- Added support for the TLS Record Size Limit Extension.
- Fixed CVE-2018-0495
- Various security fixes in the ASN.1 code.

1 files changed, 2 insertions, 2 deletions

diff --git a/security/nss/cmd/signtool/zip.c b/security/nss/cmd/signtool/zip.c
index 35d5f5733..aeb5d6c54 100644
--- a/security/nss/cmd/signtool/zip.c
+++ b/security/nss/cmd/signtool/zip.c
@@ -129,7 +129,7 @@ handle_zerror(int err, char *msg)
  * been opened with JzipOpen.
  */
 int
-JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level)
+JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int lvl)
 {
     ZIPentry *entry;
     PRFileDesc *readfp;
@@ -319,7 +319,7 @@ JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level)
      * It causes zlib to leave out its headers and footers, which don't
      * work in PKZIP files.
      */
-    err = deflateInit2(&zstream, compression_level, Z_DEFLATED,
+    err = deflateInit2(&zstream, lvl, Z_DEFLATED,
                        -MAX_WBITS, 8 /*default*/, Z_DEFAULT_STRATEGY);
     if (err != Z_OK) {
         handle_zerror(err, zstream.msg);